WO2000038036A2 - System penetrating a computer or computer network - Google Patents
System penetrating a computer or computer network Download PDFInfo
- Publication number
- WO2000038036A2 WO2000038036A2 PCT/US1999/030850 US9930850W WO0038036A2 WO 2000038036 A2 WO2000038036 A2 WO 2000038036A2 US 9930850 W US9930850 W US 9930850W WO 0038036 A2 WO0038036 A2 WO 0038036A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- scan
- modules
- objective
- network
- data
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Abstract
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP99966633A EP1141831B1 (en) | 1998-12-23 | 1999-12-22 | System penetrating a computer or computer network |
AT99966633T ATE261597T1 (en) | 1998-12-23 | 1999-12-22 | SYSTEM FOR BREACHING INTO A COMPUTER OR A COMPUTER NETWORK |
DE69915516T DE69915516T2 (en) | 1998-12-23 | 1999-12-22 | SYSTEM FOR INSERTING IN A COMPUTER OR WZ. A COMPUTER NETWORK |
AU22138/00A AU2213800A (en) | 1998-12-23 | 1999-12-22 | System penetrating a computer or computer network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/220,125 US6574737B1 (en) | 1998-12-23 | 1998-12-23 | System for penetrating computer or computer network |
US09/220,125 | 1998-12-23 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2000038036A2 true WO2000038036A2 (en) | 2000-06-29 |
WO2000038036A3 WO2000038036A3 (en) | 2000-11-09 |
Family
ID=22822173
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1999/030850 WO2000038036A2 (en) | 1998-12-23 | 1999-12-22 | System penetrating a computer or computer network |
Country Status (6)
Country | Link |
---|---|
US (1) | US6574737B1 (en) |
EP (1) | EP1141831B1 (en) |
AT (1) | ATE261597T1 (en) |
AU (1) | AU2213800A (en) |
DE (1) | DE69915516T2 (en) |
WO (1) | WO2000038036A2 (en) |
Cited By (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001073553A1 (en) * | 2000-03-27 | 2001-10-04 | Network Security Systems, Inc. | Internet/network security method and system for checking security of a client from a remote facility |
EP1267545A1 (en) * | 2001-06-14 | 2002-12-18 | International Business Machines Corporation | Intrusion detection in data processing system |
EP1374022A2 (en) * | 2001-04-02 | 2004-01-02 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
EP1417603A1 (en) * | 2001-07-10 | 2004-05-12 | Core SDI, Incorporated | Automated computer system security compromise |
WO2011031777A3 (en) * | 2009-09-08 | 2011-05-05 | Core Sdi, Incorporated | System and method for probabilistic attack planning |
CN103457957A (en) * | 2013-09-17 | 2013-12-18 | 北京信息科技大学 | Network penetration test system with self-adaption function and network penetration test method |
US10038711B1 (en) | 2017-01-30 | 2018-07-31 | XM Ltd. | Penetration testing of a networked system |
US10068095B1 (en) | 2017-05-15 | 2018-09-04 | XM Cyber Ltd | Systems and methods for selecting a termination rule for a penetration testing campaign |
US10122750B2 (en) | 2017-01-30 | 2018-11-06 | XM Cyber Ltd | Setting-up penetration testing campaigns |
US10257220B2 (en) | 2017-01-30 | 2019-04-09 | Xm Cyber Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
US10367846B2 (en) | 2017-11-15 | 2019-07-30 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10382473B1 (en) | 2018-09-12 | 2019-08-13 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10412112B2 (en) | 2017-08-31 | 2019-09-10 | Xm Cyber Ltd. | Time-tagged pre-defined scenarios for penetration testing |
US10440044B1 (en) | 2018-04-08 | 2019-10-08 | Xm Cyber Ltd. | Identifying communicating network nodes in the same local network |
US10447721B2 (en) | 2017-09-13 | 2019-10-15 | Xm Cyber Ltd. | Systems and methods for using multiple lateral movement strategies in penetration testing |
US10462177B1 (en) | 2019-02-06 | 2019-10-29 | Xm Cyber Ltd. | Taking privilege escalation into account in penetration testing campaigns |
US10469521B1 (en) | 2018-11-04 | 2019-11-05 | Xm Cyber Ltd. | Using information about exportable data in penetration testing |
US10534917B2 (en) | 2017-06-20 | 2020-01-14 | Xm Cyber Ltd. | Testing for risk of macro vulnerability |
US10574687B1 (en) | 2018-12-13 | 2020-02-25 | Xm Cyber Ltd. | Systems and methods for dynamic removal of agents from nodes of penetration testing systems |
US10574684B2 (en) | 2017-07-09 | 2020-02-25 | Xm Cyber Ltd. | Locally detecting phishing weakness |
US10581802B2 (en) | 2017-03-16 | 2020-03-03 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for advertising network security capabilities |
US10637883B1 (en) | 2019-07-04 | 2020-04-28 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10686822B2 (en) | 2017-01-30 | 2020-06-16 | Xm Cyber Ltd. | Systems and methods for selecting a lateral movement strategy for a penetration testing campaign |
US10880326B1 (en) | 2019-08-01 | 2020-12-29 | Xm Cyber Ltd. | Systems and methods for determining an opportunity for node poisoning in a penetration testing campaign, based on actual network traffic |
US11005878B1 (en) | 2019-11-07 | 2021-05-11 | Xm Cyber Ltd. | Cooperation between reconnaissance agents in penetration testing campaigns |
US11206281B2 (en) | 2019-05-08 | 2021-12-21 | Xm Cyber Ltd. | Validating the use of user credentials in a penetration testing campaign |
US11283827B2 (en) | 2019-02-28 | 2022-03-22 | Xm Cyber Ltd. | Lateral movement strategy during penetration testing of a networked system |
US11533329B2 (en) | 2019-09-27 | 2022-12-20 | Keysight Technologies, Inc. | Methods, systems and computer readable media for threat simulation and threat mitigation recommendations |
US11575700B2 (en) | 2020-01-27 | 2023-02-07 | Xm Cyber Ltd. | Systems and methods for displaying an attack vector available to an attacker of a networked system |
US11582256B2 (en) | 2020-04-06 | 2023-02-14 | Xm Cyber Ltd. | Determining multiple ways for compromising a network node in a penetration testing campaign |
Families Citing this family (137)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6760746B1 (en) | 1999-09-01 | 2004-07-06 | Eric Schneider | Method, product, and apparatus for processing a data request |
IL143573A0 (en) | 1998-12-09 | 2002-04-21 | Network Ice Corp | A method and apparatus for providing network and computer system security |
US7188138B1 (en) | 1999-03-22 | 2007-03-06 | Eric Schneider | Method, product, and apparatus for resource identifier registration and aftermarket services |
USRE43690E1 (en) | 1999-03-22 | 2012-09-25 | Esdr Network Solutions Llc | Search engine request method, product, and apparatus |
US8037168B2 (en) | 1999-07-15 | 2011-10-11 | Esdr Network Solutions Llc | Method, product, and apparatus for enhancing resolution services, registration services, and search services |
US6338082B1 (en) | 1999-03-22 | 2002-01-08 | Eric Schneider | Method, product, and apparatus for requesting a network resource |
US9141717B2 (en) | 1999-03-22 | 2015-09-22 | Esdr Network Solutions Llc | Methods, systems, products, and devices for processing DNS friendly identifiers |
US6839757B1 (en) * | 1999-04-28 | 2005-01-04 | 2Wire, Inc. | System and method for automatically discovering accessible services on a computer network and providing automatic access thereto |
US7346929B1 (en) * | 1999-07-29 | 2008-03-18 | International Business Machines Corporation | Method and apparatus for auditing network security |
US7073198B1 (en) | 1999-08-26 | 2006-07-04 | Ncircle Network Security, Inc. | Method and system for detecting a vulnerability in a network |
USRE44207E1 (en) | 1999-09-01 | 2013-05-07 | Esdr Network Solutions Llc | Network resource access method, product, and apparatus |
JP4084914B2 (en) * | 1999-09-29 | 2008-04-30 | 株式会社日立製作所 | Security evaluation method and apparatus, security measure creation support method and apparatus |
US8006243B2 (en) | 1999-12-07 | 2011-08-23 | International Business Machines Corporation | Method and apparatus for remote installation of network drivers and software |
JP4507319B2 (en) * | 1999-12-17 | 2010-07-21 | ソニー株式会社 | Information processing device, information processing method, program, recording medium, terminal device, system, and system method |
US6775657B1 (en) * | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
US6957348B1 (en) * | 2000-01-10 | 2005-10-18 | Ncircle Network Security, Inc. | Interoperability of vulnerability and intrusion detection systems |
US7315801B1 (en) * | 2000-01-14 | 2008-01-01 | Secure Computing Corporation | Network security modeling system and method |
US7698396B2 (en) * | 2000-01-31 | 2010-04-13 | Hitachi Software Engineering Co., Ltd. | Method of automatically recognizing network configuration including intelligent packet relay equipment, method of displaying network configuration chart, and system thereof |
US6880005B1 (en) * | 2000-03-31 | 2005-04-12 | Intel Corporation | Managing policy rules in a network |
US7921459B2 (en) * | 2000-04-28 | 2011-04-05 | International Business Machines Corporation | System and method for managing security events on a network |
JP4700884B2 (en) * | 2000-04-28 | 2011-06-15 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Method and system for managing computer security information |
US7574740B1 (en) * | 2000-04-28 | 2009-08-11 | International Business Machines Corporation | Method and system for intrusion detection in a computer network |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US7181769B1 (en) * | 2000-08-25 | 2007-02-20 | Ncircle Network Security, Inc. | Network security system having a device profiler communicatively coupled to a traffic monitor |
US9280667B1 (en) | 2000-08-25 | 2016-03-08 | Tripwire, Inc. | Persistent host determination |
US6807569B1 (en) * | 2000-09-12 | 2004-10-19 | Science Applications International Corporation | Trusted and anonymous system and method for sharing threat data to industry assets |
US9027121B2 (en) | 2000-10-10 | 2015-05-05 | International Business Machines Corporation | Method and system for creating a record for one or more computer security incidents |
US6704030B1 (en) * | 2000-10-13 | 2004-03-09 | Lucent Technologies Inc. | Method and apparatus for provisioning telecommunications equipment |
US7072981B1 (en) | 2000-12-21 | 2006-07-04 | Cisco Technology, Inc. | Preallocation of client network address translation addresses for client-server networks |
US7130466B2 (en) * | 2000-12-21 | 2006-10-31 | Cobion Ag | System and method for compiling images from a database and comparing the compiled images with known images |
US7089328B1 (en) | 2000-12-29 | 2006-08-08 | Cisco Technology, Inc. | Method allocation scheme for maintaining server load balancers services in a high throughput environment |
US20020147803A1 (en) * | 2001-01-31 | 2002-10-10 | Dodd Timothy David | Method and system for calculating risk in association with a security audit of a computer network |
US7185232B1 (en) | 2001-02-28 | 2007-02-27 | Cenzic, Inc. | Fault injection methods and apparatus |
US7590745B2 (en) * | 2001-03-02 | 2009-09-15 | International Business Machines Corporation | System and method for analyzing a router in a shared network system |
US8135815B2 (en) * | 2001-03-27 | 2012-03-13 | Redseal Systems, Inc. | Method and apparatus for network wide policy-based analysis of configurations of devices |
US7325252B2 (en) * | 2001-05-18 | 2008-01-29 | Achilles Guard Inc. | Network security testing |
US20030028803A1 (en) * | 2001-05-18 | 2003-02-06 | Bunker Nelson Waldo | Network vulnerability assessment system and method |
US7043757B2 (en) * | 2001-05-22 | 2006-05-09 | Mci, Llc | System and method for malicious code detection |
US7657419B2 (en) * | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
US7003561B1 (en) * | 2001-06-29 | 2006-02-21 | Mcafee, Inc. | System, method and computer program product for improved efficiency in network assessment utilizing a port status pre-qualification procedure |
US7124181B1 (en) * | 2001-06-29 | 2006-10-17 | Mcafee, Inc. | System, method and computer program product for improved efficiency in network assessment utilizing variable timeout values |
US8104017B2 (en) * | 2001-10-25 | 2012-01-24 | The Mathworks, Inc. | Traceability in a modeling environment |
US6546493B1 (en) | 2001-11-30 | 2003-04-08 | Networks Associates Technology, Inc. | System, method and computer program product for risk assessment scanning based on detected anomalous events |
US8266703B1 (en) | 2001-11-30 | 2012-09-11 | Mcafee, Inc. | System, method and computer program product for improving computer network intrusion detection by risk prioritization |
AU2003202876A1 (en) | 2002-01-04 | 2003-07-24 | Internet Security Systems, Inc. | System and method for the managed security control of processes on a computer system |
WO2004064210A1 (en) | 2003-01-08 | 2004-07-29 | Ceyx Technologies, Inc. | Apparatus and method for measurement of dynamic laser signals |
US7543056B2 (en) | 2002-01-15 | 2009-06-02 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7664845B2 (en) * | 2002-01-15 | 2010-02-16 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7257630B2 (en) * | 2002-01-15 | 2007-08-14 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US20030154269A1 (en) * | 2002-02-14 | 2003-08-14 | Nyanchama Matunda G. | Method and system for quantitatively assessing computer network vulnerability |
US20030163729A1 (en) * | 2002-02-27 | 2003-08-28 | International Business Machines Corporation | Security management in data processing networks |
US6941467B2 (en) * | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US20060015942A1 (en) | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US20030188194A1 (en) * | 2002-03-29 | 2003-10-02 | David Currie | Method and apparatus for real-time security verification of on-line services |
US8788650B1 (en) * | 2002-07-19 | 2014-07-22 | Fortinet, Inc. | Hardware based detection devices for detecting network traffic content and methods of using the same |
AU2003273085A1 (en) * | 2002-10-22 | 2004-05-13 | Unho Choi | Integrated emergency response system in information infrastructure and operating method therefor |
US7607169B1 (en) | 2002-12-02 | 2009-10-20 | Arcsight, Inc. | User interface for network security console |
US7913303B1 (en) | 2003-01-21 | 2011-03-22 | International Business Machines Corporation | Method and system for dynamically protecting a computer system from attack |
US8561175B2 (en) * | 2003-02-14 | 2013-10-15 | Preventsys, Inc. | System and method for automated policy audit and remediation management |
US20050005152A1 (en) * | 2003-07-01 | 2005-01-06 | Navjot Singh | Security vulnerability monitor |
US7657938B2 (en) | 2003-10-28 | 2010-02-02 | International Business Machines Corporation | Method and system for protecting computer networks by altering unwanted network data traffic |
US20060282494A1 (en) * | 2004-02-11 | 2006-12-14 | Caleb Sima | Interactive web crawling |
US8566945B2 (en) | 2004-02-11 | 2013-10-22 | Hewlett-Packard Development Company, L.P. | System and method for testing web applications with recursive discovery and analysis |
US7765597B2 (en) * | 2004-02-11 | 2010-07-27 | Hewlett-Packard Development Company, L.P. | Integrated crawling and auditing of web applications and web content |
KR100631784B1 (en) * | 2004-02-16 | 2006-10-11 | 삼성전자주식회사 | System and method for preventing infection from computer virus |
US8201257B1 (en) | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
US20050259634A1 (en) * | 2004-05-19 | 2005-11-24 | Ross Perry R | Method and apparatus for low-overhead service availability and performance monitoring |
US7752671B2 (en) * | 2004-10-04 | 2010-07-06 | Promisec Ltd. | Method and device for questioning a plurality of computerized devices |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US20060117388A1 (en) * | 2004-11-18 | 2006-06-01 | Nelson Catherine B | System and method for modeling information security risk |
KR20060057916A (en) * | 2004-11-24 | 2006-05-29 | 한국전자통신연구원 | Method and apparatus for generating network packet which includes the attack packet generation functionality for information security system testing |
US8095982B1 (en) | 2005-03-15 | 2012-01-10 | Mu Dynamics, Inc. | Analyzing the security of communication protocols and channels for a pass-through device |
US8095983B2 (en) * | 2005-03-15 | 2012-01-10 | Mu Dynamics, Inc. | Platform for analyzing the security of communication protocols and channels |
WO2006102515A1 (en) * | 2005-03-23 | 2006-09-28 | Belarc, Inc. | Security control verification and monitoring subsystem for use in a computer information database system |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
US20160248813A1 (en) * | 2006-08-23 | 2016-08-25 | Threatstop, Inc. | Method and system for propagating network policy |
US9172611B2 (en) | 2006-09-01 | 2015-10-27 | Spirent Communications, Inc. | System and method for discovering assets and functional relationships in a network |
US8316447B2 (en) * | 2006-09-01 | 2012-11-20 | Mu Dynamics, Inc. | Reconfigurable message-delivery preconditions for delivering attacks to analyze the security of networked systems |
US7958230B2 (en) | 2008-09-19 | 2011-06-07 | Mu Dynamics, Inc. | Test driven deployment and monitoring of heterogeneous network systems |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US8122729B2 (en) * | 2007-03-13 | 2012-02-28 | Dri-Eaz Products, Inc. | Dehumidification systems and methods for extracting moisture from water damaged structures |
US20090038014A1 (en) * | 2007-07-31 | 2009-02-05 | Paul Force | System and method for tracking remediation of security vulnerabilities |
US7774637B1 (en) | 2007-09-05 | 2010-08-10 | Mu Dynamics, Inc. | Meta-instrumentation for security analysis |
US8871096B2 (en) * | 2007-09-10 | 2014-10-28 | Res Usa, Llc | Magnetic separation combined with dynamic settling for fischer-tropsch processes |
US8250658B2 (en) * | 2007-09-20 | 2012-08-21 | Mu Dynamics, Inc. | Syntax-based security analysis using dynamically generated test cases |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
TWI355824B (en) * | 2007-12-11 | 2012-01-01 | Inst Information Industry | Method, network apparatus and computer readable me |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
KR20090121579A (en) * | 2008-05-22 | 2009-11-26 | 주식회사 이베이지마켓 | System for checking vulnerabilities of servers and method thereof |
US8069471B2 (en) * | 2008-10-21 | 2011-11-29 | Lockheed Martin Corporation | Internet security dynamics assessment system, program product, and related methods |
US8490196B2 (en) * | 2009-08-05 | 2013-07-16 | Core Security Technologies | System and method for extending automated penetration testing to develop an intelligent and cost efficient security strategy |
US8547974B1 (en) | 2010-05-05 | 2013-10-01 | Mu Dynamics | Generating communication protocol test cases based on network traffic |
US8463860B1 (en) | 2010-05-05 | 2013-06-11 | Spirent Communications, Inc. | Scenario based scale testing |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8826231B1 (en) * | 2010-06-28 | 2014-09-02 | The Boeing Company | Methods and systems for deploying software applications |
US9106514B1 (en) | 2010-12-30 | 2015-08-11 | Spirent Communications, Inc. | Hybrid network software provision |
US8464219B1 (en) | 2011-04-27 | 2013-06-11 | Spirent Communications, Inc. | Scalable control system for test execution and monitoring utilizing multiple processors |
US9516451B2 (en) * | 2012-04-10 | 2016-12-06 | Mcafee, Inc. | Opportunistic system scanning |
US9407653B2 (en) * | 2012-04-10 | 2016-08-02 | Mcafee, Inc. | Unified scan management |
US8800046B2 (en) | 2012-04-10 | 2014-08-05 | Mcafee, Inc. | Unified scan engine |
US8955036B2 (en) | 2012-04-11 | 2015-02-10 | Mcafee, Inc. | System asset repository management |
US8954573B2 (en) | 2012-04-11 | 2015-02-10 | Mcafee Inc. | Network address repository management |
US9049207B2 (en) | 2012-04-11 | 2015-06-02 | Mcafee, Inc. | Asset detection system |
US8972543B1 (en) | 2012-04-11 | 2015-03-03 | Spirent Communications, Inc. | Managing clients utilizing reverse transactions |
US9027141B2 (en) * | 2012-04-12 | 2015-05-05 | Netflix, Inc. | Method and system for improving security and reliability in a networked application environment |
US9781046B1 (en) | 2013-11-19 | 2017-10-03 | Tripwire, Inc. | Bandwidth throttling in vulnerability scanning applications |
US11102273B2 (en) * | 2015-05-13 | 2021-08-24 | Cisco Technology, Inc. | Uplink performance management |
US10904282B2 (en) * | 2017-08-08 | 2021-01-26 | American International Group, Inc. | System and method for assessing cybersecurity risk of computer network |
US11093617B2 (en) * | 2017-10-04 | 2021-08-17 | Servicenow, Inc. | Automated vulnerability grouping |
US11418528B2 (en) | 2018-11-02 | 2022-08-16 | Rapid7, Inc. | Dynamic best path determination for penetration testing |
US10771490B2 (en) | 2018-11-28 | 2020-09-08 | Rapid7, Inc. | Detecting anomalous network device activity |
US11416623B2 (en) | 2019-07-31 | 2022-08-16 | International Business Machines Corporation | Automatic penetration testing enablement of regression buckets |
CN111026660B (en) * | 2019-12-05 | 2023-07-07 | 国网浙江省电力有限公司电力科学研究院 | Penetration test method based on expert system knowledge base |
US11507860B1 (en) * | 2020-02-24 | 2022-11-22 | Rapid7, Inc. | Machine learned inference of protocols from banner data |
US11539725B2 (en) | 2020-04-23 | 2022-12-27 | Specter Ops, Inc. | System and method for continuous collection, analysis and reporting of attack paths choke points in a directory services environment |
US20210336971A1 (en) * | 2020-04-23 | 2021-10-28 | Specter Ops, Inc. | System and method for continuous collection, analysis and reporting of attack paths in a directory services environment |
CN111683047B (en) * | 2020-04-30 | 2023-05-30 | 中国平安财产保险股份有限公司 | Unauthorized vulnerability detection method, device, computer equipment and medium |
USD956777S1 (en) | 2020-08-11 | 2022-07-05 | Specter Ops, Inc. | Display screen or portion thereof with graphical user interface |
USD956779S1 (en) | 2020-08-11 | 2022-07-05 | Specter Ops, Inc. | Display screen or portion thereof with an animated graphical user interface |
USD956778S1 (en) | 2020-08-11 | 2022-07-05 | Specter Ops, Inc. | Display screen or portion thereof with an animated graphical user interface |
CN112165498B (en) * | 2020-11-12 | 2022-10-25 | 北京华云安信息技术有限公司 | Intelligent decision-making method and device for penetration test |
CN113704763B (en) * | 2021-09-02 | 2022-03-25 | 北京珞安科技有限责任公司 | Pipelined device scanning detection method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5892903A (en) * | 1996-09-12 | 1999-04-06 | Internet Security Systems, Inc. | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system |
US5991881A (en) * | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US6154844A (en) * | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
JPH09214493A (en) * | 1996-02-08 | 1997-08-15 | Hitachi Ltd | Network system |
US6088804A (en) * | 1998-01-12 | 2000-07-11 | Motorola, Inc. | Adaptive system and method for responding to computer network security attacks |
US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6185689B1 (en) * | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
US6219805B1 (en) * | 1998-09-15 | 2001-04-17 | Nortel Networks Limited | Method and system for dynamic risk assessment of software systems |
US6321338B1 (en) * | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
US6353385B1 (en) * | 2000-08-25 | 2002-03-05 | Hyperon Incorporated | Method and system for interfacing an intrusion detection system to a central alarm system |
-
1998
- 1998-12-23 US US09/220,125 patent/US6574737B1/en not_active Expired - Lifetime
-
1999
- 1999-12-22 AT AT99966633T patent/ATE261597T1/en not_active IP Right Cessation
- 1999-12-22 DE DE69915516T patent/DE69915516T2/en not_active Expired - Lifetime
- 1999-12-22 AU AU22138/00A patent/AU2213800A/en not_active Abandoned
- 1999-12-22 WO PCT/US1999/030850 patent/WO2000038036A2/en active IP Right Grant
- 1999-12-22 EP EP99966633A patent/EP1141831B1/en not_active Expired - Lifetime
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5892903A (en) * | 1996-09-12 | 1999-04-06 | Internet Security Systems, Inc. | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system |
US5991881A (en) * | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US6154844A (en) * | 1996-11-08 | 2000-11-28 | Finjan Software, Ltd. | System and method for attaching a downloadable security profile to a downloadable |
Non-Patent Citations (3)
Title |
---|
BRUNO L: "PRODUCT LEADERS. PLUGGING SECURITY HOLES. NETECT'S NETECTIVE SIMULATES HACKER ATTACKS, LETTING CORPORATE NETWORKERS SHORE UP WEAK SPOTS" DATA COMMUNICATIONS,US,MCGRAW HILL. NEW YORK, vol. 27, no. 2, 1 February 1998 (1998-02-01), pages 29-30, XP000731797 ISSN: 0363-6399 * |
DATABASE INSPEC [Online] INSTITUTE OF ELECTRICAL ENGINEERS, STEVENAGE, GB; ISSN 0740-7459; October 1997 (1997-10) PUKETZA N ; CHUNG M ; OLSSON R A ; MUKHERJEE B : "A software platform for testing intrusion detection systems " XP002141529 * |
JOHNSON J T: "SIMULATED ATTACH FOR REAL NETWORK SECURITY" DATA COMMUNICATIONS,US,MCGRAW HILL. NEW YORK, vol. 24, no. 16, 21 November 1995 (1995-11-21), pages 31-32, XP000545331 ISSN: 0363-6399 * |
Cited By (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001073553A1 (en) * | 2000-03-27 | 2001-10-04 | Network Security Systems, Inc. | Internet/network security method and system for checking security of a client from a remote facility |
EP1374022A2 (en) * | 2001-04-02 | 2004-01-02 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
EP1374022A4 (en) * | 2001-04-02 | 2008-09-17 | Telos Corp | System, method and medium for certifying and accrediting requirements compliance |
EP1267545A1 (en) * | 2001-06-14 | 2002-12-18 | International Business Machines Corporation | Intrusion detection in data processing system |
US7568228B2 (en) | 2001-06-14 | 2009-07-28 | International Business Machines Corporation | Intrusion detection in data processing systems |
EP1417603A1 (en) * | 2001-07-10 | 2004-05-12 | Core SDI, Incorporated | Automated computer system security compromise |
EP1417603A4 (en) * | 2001-07-10 | 2006-04-05 | Core Sdi Inc | Automated computer system security compromise |
US7228566B2 (en) | 2001-07-10 | 2007-06-05 | Core Sdi, Incorporated | Automated computer system security compromise |
WO2011031777A3 (en) * | 2009-09-08 | 2011-05-05 | Core Sdi, Incorporated | System and method for probabilistic attack planning |
US8490193B2 (en) | 2009-09-08 | 2013-07-16 | Core Security Technologies | System and method for probabilistic attack planning |
CN103457957A (en) * | 2013-09-17 | 2013-12-18 | 北京信息科技大学 | Network penetration test system with self-adaption function and network penetration test method |
CN103457957B (en) * | 2013-09-17 | 2016-05-18 | 北京信息科技大学 | A kind of network penetration test macro and method with adaptation function |
US10038711B1 (en) | 2017-01-30 | 2018-07-31 | XM Ltd. | Penetration testing of a networked system |
US10122750B2 (en) | 2017-01-30 | 2018-11-06 | XM Cyber Ltd | Setting-up penetration testing campaigns |
US10257220B2 (en) | 2017-01-30 | 2019-04-09 | Xm Cyber Ltd. | Verifying success of compromising a network node during penetration testing of a networked system |
US10999308B2 (en) | 2017-01-30 | 2021-05-04 | Xm Cyber Ltd. | Setting-up penetration testing campaigns |
US10686822B2 (en) | 2017-01-30 | 2020-06-16 | Xm Cyber Ltd. | Systems and methods for selecting a lateral movement strategy for a penetration testing campaign |
US10637882B2 (en) | 2017-01-30 | 2020-04-28 | Xm Cyber Ltd. | Penetration testing of a networked system |
US10505969B2 (en) | 2017-01-30 | 2019-12-10 | Xm Cyber Ltd. | Setting-up penetration testing campaigns |
US10581802B2 (en) | 2017-03-16 | 2020-03-03 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for advertising network security capabilities |
US10068095B1 (en) | 2017-05-15 | 2018-09-04 | XM Cyber Ltd | Systems and methods for selecting a termination rule for a penetration testing campaign |
US10534917B2 (en) | 2017-06-20 | 2020-01-14 | Xm Cyber Ltd. | Testing for risk of macro vulnerability |
US10574684B2 (en) | 2017-07-09 | 2020-02-25 | Xm Cyber Ltd. | Locally detecting phishing weakness |
US10412112B2 (en) | 2017-08-31 | 2019-09-10 | Xm Cyber Ltd. | Time-tagged pre-defined scenarios for penetration testing |
US10447721B2 (en) | 2017-09-13 | 2019-10-15 | Xm Cyber Ltd. | Systems and methods for using multiple lateral movement strategies in penetration testing |
US10454966B2 (en) | 2017-11-15 | 2019-10-22 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US11206282B2 (en) | 2017-11-15 | 2021-12-21 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10367846B2 (en) | 2017-11-15 | 2019-07-30 | Xm Cyber Ltd. | Selectively choosing between actual-attack and simulation/evaluation for validating a vulnerability of a network node during execution of a penetration testing campaign |
US10440044B1 (en) | 2018-04-08 | 2019-10-08 | Xm Cyber Ltd. | Identifying communicating network nodes in the same local network |
US10382473B1 (en) | 2018-09-12 | 2019-08-13 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10469521B1 (en) | 2018-11-04 | 2019-11-05 | Xm Cyber Ltd. | Using information about exportable data in penetration testing |
US10574687B1 (en) | 2018-12-13 | 2020-02-25 | Xm Cyber Ltd. | Systems and methods for dynamic removal of agents from nodes of penetration testing systems |
US10462177B1 (en) | 2019-02-06 | 2019-10-29 | Xm Cyber Ltd. | Taking privilege escalation into account in penetration testing campaigns |
US11283827B2 (en) | 2019-02-28 | 2022-03-22 | Xm Cyber Ltd. | Lateral movement strategy during penetration testing of a networked system |
US11206281B2 (en) | 2019-05-08 | 2021-12-21 | Xm Cyber Ltd. | Validating the use of user credentials in a penetration testing campaign |
US10637883B1 (en) | 2019-07-04 | 2020-04-28 | Xm Cyber Ltd. | Systems and methods for determining optimal remediation recommendations in penetration testing |
US10880326B1 (en) | 2019-08-01 | 2020-12-29 | Xm Cyber Ltd. | Systems and methods for determining an opportunity for node poisoning in a penetration testing campaign, based on actual network traffic |
US11533329B2 (en) | 2019-09-27 | 2022-12-20 | Keysight Technologies, Inc. | Methods, systems and computer readable media for threat simulation and threat mitigation recommendations |
US11005878B1 (en) | 2019-11-07 | 2021-05-11 | Xm Cyber Ltd. | Cooperation between reconnaissance agents in penetration testing campaigns |
US11575700B2 (en) | 2020-01-27 | 2023-02-07 | Xm Cyber Ltd. | Systems and methods for displaying an attack vector available to an attacker of a networked system |
US11582256B2 (en) | 2020-04-06 | 2023-02-14 | Xm Cyber Ltd. | Determining multiple ways for compromising a network node in a penetration testing campaign |
Also Published As
Publication number | Publication date |
---|---|
DE69915516D1 (en) | 2004-04-15 |
AU2213800A (en) | 2000-07-12 |
ATE261597T1 (en) | 2004-03-15 |
DE69915516T2 (en) | 2005-04-07 |
US6574737B1 (en) | 2003-06-03 |
EP1141831A2 (en) | 2001-10-10 |
WO2000038036A3 (en) | 2000-11-09 |
EP1141831B1 (en) | 2004-03-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6574737B1 (en) | System for penetrating computer or computer network | |
US8099760B2 (en) | System and method for risk detection and analysis in a computer network | |
US7516492B1 (en) | Inferring document and content sensitivity from public account accessibility | |
US8566945B2 (en) | System and method for testing web applications with recursive discovery and analysis | |
US7523301B2 (en) | Inferring content sensitivity from partial content matching | |
Kruegel et al. | Using decision trees to improve signature-based intrusion detection | |
US8706854B2 (en) | System and method for organizing, managing and running enterprise-wide scans | |
US9507944B2 (en) | Method for simulation aided security event management | |
Rubin et al. | Automatic generation and analysis of NIDS attacks | |
EP2447877B1 (en) | System and method for detection of malware and management of malware-related information | |
Leigland et al. | A formalization of digital forensics | |
US20130067575A1 (en) | Detection of network security breaches based on analysis of network record logs | |
CN102970272B (en) | Method, device and cloud server for detesting viruses | |
EP3745295B1 (en) | String matching method, string matching apparatus, storage medium, and electronic device | |
US20050144480A1 (en) | Method of risk analysis in an automatic intrusion response system | |
JP2008171397A (en) | Method for characterizing web application input | |
CN109104421B (en) | Website content tampering detection method, device, equipment and readable storage medium | |
US7216364B2 (en) | System security approaches using state tables | |
EP1744235A1 (en) | Method and system for virus detection based on finite automata | |
CN110768949B (en) | Vulnerability detection method and device, storage medium and electronic device | |
Lanoe et al. | A scalable and efficient correlation engine to detect multi-step attacks in distributed systems | |
Kayacik et al. | Evolving buffer overflow attacks with detector feedback | |
CN116055083B (en) | Method for improving network security and related equipment | |
Kruegel et al. | Improving signature testing through dynamic data flow analysis | |
WO2023076721A1 (en) | Pipelined malware infrastructure identification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1999966633 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1999966633 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWG | Wipo information: grant in national office |
Ref document number: 1999966633 Country of ref document: EP |